Summary

In this episode of the Phillip Wylie Show, Marina Ciavatta shares her unique journey into the world of physical pen testing and social engineering. From her origins in journalism to her current role as a red teamer, Marina discusses the challenges and experiences she has faced in the field. She shares thrilling stories of her pen tests, including moments of fear and unexpected encounters, while also emphasizing the importance of training and awareness in cybersecurity. Marina provides insights for those looking to enter the field, highlighting the blend of creativity and strategy required for successful penetration testing.

Takeaways

• Marina's journey began with event organizing and content production in cybersecurity.

• Physical pen testing requires a deep understanding of security protocols and ethical considerations.

• Experience in event management can enhance skills in physical pen testing.

• Being caught during a pen test can provide valuable insights into security effectiveness.

• Security guards play a crucial role in preventing unauthorized access.

• Creative approaches, such as using costumes, can aid in infiltration during pen tests.

• Combining social engineering with physical pen testing can yield better results.

• Training and awareness are essential for both red and blue teams in cybersecurity.

• Practicing social engineering ethically can help develop skills without causing harm.

• Marina emphasizes the importance of leaving positive feedback in security reports.

Sound Bites

• "I had to crawl a lot on the floor."

• "Being caught is part of the job."

• "I tend to collect my costumes as I go."

Chapters

00:00 Introduction to Marina's Journey

06:53 Breaking into Cybersecurity: Tips for Newcomers

13:20 Getting Caught: Lessons from the Field

29:55 Combining Social Engineering with Physical Pen Testing

34:37 Training and Ethical Considerations in Social Engineering

Resources

https://www.linkedin.com/in/mciavatta/

https://x.com/MarinaCiavatta

https://linktr.ee/marinaciavatta

Phillip's New Free Penetration Testing Methodology Training on Just Hacking Training

https://www.justhacking.com/uc/uc-penetration-testing-methodology/